Laptop theft affects 160,000 Neiman Marcus employees

By Bill Brenner, Senior News Writer 25 Apr 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

In a message on the Neiman Marcus Web site, Chairman and CEO Burt Tansky said there's no evidence to suggest the data has been accessed or misused, but that the company will provide credit monitoring services to those affected as a precaution. He added that the company is working with law enforcement agencies to locate the stolen computer equipment.

"The Neiman Marcus Group takes the security of personal information very seriously and we deeply regret that this incident occurred," he said.

The Dallas-based company said the stolen computer belonged to a third-party pension benefits plan consultant and contained a file with names, addresses, Social Security numbers, birth dates and salaries.

The laptop was apparently stolen from a technician hired by the consultant on April 5. Company spokeswoman Ginger Reeder told The Associated press (AP) that Neiman Marcus was told about the theft April 10 but was asked by police not to disclose it until this week while the case was investigated. She said other items were taken, leading the company to believe the thieves weren't after information about the Neiman Marcus employees.

Computer files are supposed to be encrypted under the consultant's security policy but Neiman Marcus can't confirm if the information on the laptop was indeed protected. Therefore, the company is proceeding as if was not.

While 160,000 compromised identities makes for a serious security breach, this latest incident pales in comparison to other breaches in the past two years, including one that exposed at least 45.7 million TJX Companies Inc. customers to identity fraud.

In another well-publicized case, credit card transaction processor CardSystems Solutions Inc. acknowledged that hackers had stolen 263,000 customer credit card numbers and exposed 40 million more to fraud. And last year, 26.5 million veterans and active duty personnel were affected by the theft of a Department of Veterans Affairs (VA) laptop and external hard drive.

Tags: Identity Theft and Data Security Breaches,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Identity Theft and Data Security Breaches Chip and PIN adoption serves lesson for U.S. payment industry Group to shed light on secure identity management threats Heartland CIO is critical of First Data's credit card tokenization plan Heartland CIO on end-to-end encryption, credit card tokenization Heartland CIO on PCI, E3 project Visa probes tokens, encryption for PCI card data protection University data breach exposes 163,000 women to identity theft TJX thrives following breach, bucks sour economy Security expert's PCI analysis misguided, says PCI Council GM External attacks start with unintentional mistakes, survey finds

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) CISP-PCI  (SearchFinancialSecurity.com) cookie poisoning  (SearchSecurity.com) drive-by pharming  (SearchSecurity.com) extrusion prevention  (SearchSecurity.com) identity theft  (SearchSecurity.com) parameter tampering  (SearchSecurity.com) pretexting  (SearchCIO.com) Rock Phish  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary